package com.yy.permissions_general.security.handler;

import com.yy.permissions_general.common.constant.StatusEnum;
import com.yy.permissions_general.utils.FastJsonUtils;
import com.yy.permissions_general.utils.ResultUtil;
import com.yy.permissions_general.utils.ServletUtil;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
* @Description: 当访问接口没有权限时，自定义的返回结果
* @Author: YY
* @Date: 2021/11/1
*/
@Component
public class RestfulAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request,HttpServletResponse response,AccessDeniedException e) throws IOException{
        if (ServletUtil.isAjax(request)) {
            ServletUtil.write(FastJsonUtils.toString(ResultUtil.error(StatusEnum.NO_PERMISSION_ERROR)));
        } else {
            response.sendRedirect("/view/error/403");
        }
    }
}
